EP1034517B1 - Datenverwaltungsverfahren in einer chipkarte - Google Patents

Datenverwaltungsverfahren in einer chipkarte Download PDF

Info

Publication number
EP1034517B1
EP1034517B1 EP98958278A EP98958278A EP1034517B1 EP 1034517 B1 EP1034517 B1 EP 1034517B1 EP 98958278 A EP98958278 A EP 98958278A EP 98958278 A EP98958278 A EP 98958278A EP 1034517 B1 EP1034517 B1 EP 1034517B1
Authority
EP
European Patent Office
Prior art keywords
card
memory
code
information
management code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP98958278A
Other languages
English (en)
French (fr)
Other versions
EP1034517A1 (de
Inventor
Gilles Lisimaque
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gemplus SA
Original Assignee
Gemplus SCA
Gemplus Card International SA
Gemplus SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus SCA, Gemplus Card International SA, Gemplus SA filed Critical Gemplus SCA
Publication of EP1034517A1 publication Critical patent/EP1034517A1/de
Application granted granted Critical
Publication of EP1034517B1 publication Critical patent/EP1034517B1/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/223Payment schemes or models based on the use of peer-to-peer networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3552Downloading or loading of personalisation data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography

Definitions

  • the present invention relates to a method for managing data stored in a memory of a smart card.
  • the invention relates to the transfer of information from one card to another, in particular in the case where the starting card is about to be expired and needs to be replaced by a card with an extended duration and moreover having same system faculties, same information recorded in the electronic circuit.
  • the principles of use of smart cards include the need to compose a secret code, or personal identification code (PIN), and the comparison of this code with a code stored in the memory of the chip. If the comparison is successful, the application, i.e. in practice the delivery of a good or service corresponding to the transaction, or even a payment, can be carried out with the card. Otherwise, the holder is returned to a rejection situation. This comparison is implemented in a secure manner.
  • PIN personal identification code
  • the object of the invention is nevertheless to remedy this future problem by instituting a protocol for recording management codes.
  • the protocol takes into account the old management codes, or at least information relating to the old cards from which the data that will be recorded in the new comes.
  • an encryption algorithm is used to produce a new management code, which takes into account, on the one hand, information identifying the new card and, on the other hand, information relating to the old map.
  • the information relating to the old card will be the identification information for the old card.
  • the management code of the old card itself will be used. Any other information relating to the old card can be used.
  • the user can then be asked to dial a secret code which corresponds to the management code of the second card.
  • a secret code which corresponds to the management code of the first card.
  • FIG. 1 shows a device which can be used to implement the data management method of the invention.
  • This figure shows a reader 1 for reading a portable smart object 2, or a smart card, inserted into a slot 3 of the reader.
  • This reader conventionally comprises a screen 4 for viewing messages edited by the reader and a keyboard 5 to allow an operator, the card holder, to organize a transaction between the reader 1 and the smart card 2
  • the reader can be connected by various means to a master system 6, either in real time or in deferred time.
  • these means may include a radio link by means of two antennas 7 and 8, and their associated transmission and reception system, connected to the reader and to the master system respectively.
  • the invention relates more particularly to the transfer of information contained in an expired smart card 9 (its expiry date being for example 1996, already past) and a new smart card 2 with a much higher validity date (2007).
  • the card 9 and the card 2 each include an electronic chip as referenced 10 and means for contacting the reader 1. In one example, these contacting means are quite simply a connector 11. Other solutions are known.
  • FIG 2 there is shown in more detail the steps of the method of the invention. Also shown are the old and 2 smart cards 9 news.
  • the smart card is provided, recorded in a memory of the chip, with information 12 representative of a serial number of the card or the chip. In a banking application, this serial number can also be or correspond to a bank account number.
  • a mother key is thus a string of binary characters: in one example, a mother key has a length of 1024 bits.
  • the serial number of the card or chip can also be presented in binary form.
  • the two corresponding binary character strings are then presented to an encryption algorithm symbolically represented by the reference 13.
  • the encryption algorithm 13 results in the production of a first management code.
  • the encryption algorithm 13 is implemented by the master system, available from an issuer of the card, before this issuer decides to send the smart card to its user.
  • the transmitter During a so-called personalization operation, the transmitter, with a special smart card reader, reads the serial number of the card and produces, with an algorithm 13 and a mother key 100 known to the transmitter alone, a first management code 14.
  • the master system stores the first management code 14 in the memory of the card chip. In a known manner, this recording can be carried out at a location on the chip of the card 9. This location can also depend for its location on the application, first application 27, which can be managed with the card.
  • the management codes are therefore secret and stored in inviolable locations.
  • FIG. 3 shows a preferred mode of use of a smart card or of a portable smart object provided for the application of such a management code 14.
  • a user swipes his card chip in reader 1, this produces a random 15, a random string of bits.
  • This hazard 15 is sent, in particular via the connector 11, to the chip of the card 9.
  • the latter implements an encryption of the hazard 15 by the management code 14 and produces a management code 16 encrypted by the hazard.
  • the operator dials on the keyboard 5 a secret code.
  • This secret code is sent to the reader 1.
  • the reader 1 carries out, in the same way as the card 9, the encryption 17 of the secret code by the value of the hazard 15 that this reader knows.
  • a comparison circuit 18 of the reader unless it is a comparison circuit 19 of the card, performs the comparison of the management code 16 encrypted by the hazard to the secret code 17 encrypted by the hazard. If there is identity, the result of the comparison circuit 18 or 19 will be positive and the continuation of the transaction envisaged with the card 9 may continue.
  • this series of transactions will include the editing of data stored in the first memory of the first card 9 if the secret code presented to the reader is compatible with the first management code 14 recorded.
  • the reader will often produce, on the one hand, a ticket 20 representative of the transaction or, on the other hand, in a non-visible manner, a recording in its memory representative of this transaction.
  • This record is itself intended to be transmitted to the master system in deferred mode or in real time.
  • Ticket 20 and registration will include indications of the transaction, in particular at least a part of identification of the smart card 2, for example the serial number 12 envisaged so far, or an account number or any other information recorded in the card 9.
  • the the mere fact that this information appears on the ticket 20, or on the recording of the reader 1, means that it has moreover been edited. In practice, we actually seek with the comparison to block or allow such an edition and therefore the rest of the transaction.
  • the information relating to the first card is precisely the serial number 12 and the information relating to the second card 9 is also a serial number 23 of this second card. Nevertheless, one could have used as information relating to the first card the first management code 14, or any other information.
  • the implementation of the algorithm 21 is carried out by a reader 1 of common type, but provided with software for, during a production assignment of the code 22, to cause the reading in the card 9 useful information, request the extraction of card 9 and the replacement of card 2, read the useful identification data in card 2, calculate code 22 and save it in card 2.
  • the software for implementing the algorithm can be, at least in part, stored in card 9 (or and in card 2).
  • the implementation can even be carried out by the microprocessor of the card for more security.
  • algorithm 21 requires the reception of three character strings.
  • the algorithm 13 will preferably receive the first serial number 12, a second time the first serial number 12 as well as the mother key 100.
  • the algorithm 21 is the same as the algorithm 13.
  • the three useful pieces of information can be the serial number 23, the serial number 12 and the mother key 100. This key 100 can even be replaced by the code 14.
  • a second management code is therefore produced according to the invention 22 with the second encryption algorithm 21.
  • the second management code 22 thus produced is then recorded in the second card 2 at the same time as the information relating to the first card (12 or 14) which was used for the preparation of this second management code.
  • the serial number 12 of the first card 9 is also recorded in the second card 2.
  • FIG. 2 also shows that the mechanism can be extended from the moment when a third chip card 24 provided with a third serial number 25 is used. With this third card 24, it will then be possible to produce a third management code 26 under the same conditions with an algorithm 27 similar to the algorithm 21.
  • the information relating to the second card 2 the serial number 23 will be stored in the memory of the third card 24.
  • a first application 27 has been shown for the card 9.
  • This application is a first way of using the card 9.
  • This card 9 can preferably be a multi-application card.
  • the management code 14 is a management code intended for an application.
  • the same elements will be found.
  • the other management codes will have to be different.
  • This can be easily obtained by using algorithms 13 parameterized by different mother keys 100, depending on the applications concerned.
  • the mother key 100 can also be stored in the card 9 at the location of the memory area dedicated to the application 27, 28 or 29.
  • the algorithm 13 is then configured by a key 100 which depends on the application.
  • the reader 1 and the smart card 2 exchange information in accordance with FIG. 2.
  • the management code concerned is now will the code -22 relating to the second card and no longer the code 14 relating to the first.
  • the operator must therefore dial a secret code corresponding to code 22.
  • the second card 2 is a legitimate heir to the content of the first card 9.
  • This verification can be undertaken on demand, by executing by the reader 1, or alternatively by the smart card 2, encryption operations corresponding, on the one hand, to algorithm 13 and, on the other hand, to algorithms 16 and 17.
  • the operator must therefore dial a secret code corresponding to code 22.
  • the card 2 can implement algorithm 16 from the hazard.
  • the bearer can be asked to dial, not the new secret code, but the old secret code.
  • the request to carry out this more complex verification could be randomly requested, for example once in a hundred on average. Obviously, if the verification fails, the same consequences for the rest of the transaction will be entailed.
  • the algorithm 21 will preferably be different from the algorithm 13, although it could be the same. If it is different, the algorithm 21 will preferably be a so-called symmetric algorithm.
  • a symmetric algorithm 31 is shown in FIG. 4. The particularity of a symmetric algorithm is to use public keys CPu paired with private keys CPr. The symmetrical nature of the algorithm 31 then results in the fact that data 30 encrypted in the algorithm 31 symmetrical by the mother key 32 produces encrypted data 33. If these data 33 are themselves encrypted by the same parameterized algorithm 31 , then by the daughter key 34, then the second implementation of the algorithm 31 produces the starting data 30. In one example, for the same mother public key CPu, we can have many daughter private keys CPr different.
  • the diversification of the keys involves the serial number of the cards, so that each card has a key, a different management code 14. It can be seen that, if the algorithm 13 or the algorithm 21 are symmetrical algorithms, and if the data 30 is replaced by the serial number 12, then the daughter key 34 itself is obtained as encrypted data.
  • a transmission attribute in addition to the data stored in the memory of the card 9 is a transmission attribute. And one authorizes the edition of these data, in particular with a view to their copy in the second memory, according to the value of this attribute. When this is the case, this data is copied to the second smart card 2 at the same time as this attribute.
  • this attribute provides information on the need to produce a second management code or not at the time of copying. In some cases, the mechanism implemented by algorithms 13 and 21 will be made necessary, in other cases it will not be executed.
  • the transmission attribute provides information on the need for the master system to control the copy.
  • we edit the data to copy we read the attribute that concerns them. If the intervention of the master system is required, a connection to the master system 6 is undertaken. This copy can then take place in real time or in deferred time with or without transmission of the data to the master system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Credit Cards Or The Like (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Claims (13)

  1. Verwaltungsverfahren von in einem ersten Speicher eines ersten Chips (10) einer ersten Chipkarte (9) gespeicherten Daten, bei dem
    - man einen ersten Verwaltungscode (14) erzeugt (13), mit einem ersten Verschlüsselungsalgorithmus (13), ab einem Mutterschlüssel (100) und einer ersten Identifizierungsinformation (12) der ersten Chipkarte,
    - man diesen ersten Verwaltungscode im ersten Speicher aufzeichnet,
    - man die erste Karte mit einem. Chipkartenlesegerät (1) in Verbindung setzt,
    - man eine Edition (20) von im ersten Speicher gespeicherten Daten genehmigt, wenn ein in das Lesegerät eingegebener Code mit dem ersten aufgezeichneten Verwaltungscode kompatibel (8, 19) ist,
       dadurch gekennzeichnet, dass
    - man einen zweiten Verwaltungscode (22) erzeugt (21), mit einem zweiten Verschlüsselungsalgorithmus (21), ab einer Information (12) bezüglich der ersten Karte und einer zweiten Identifizierungsinformation (23) einer zweiten Chipkarte,
    - man diese Information (12) bezüglich der ersten Karte und diesen zweiten Verwaltungscode (22) in einem zweiten Speicher eines zweiten Chips der zweiten Chipkarte (2) aufzeichnet,
    - man die Edition von im zweiten Speicher gespeicherten Daten genehmigt, wenn ein dem Lesegerät angegebener Geheimcode mit dem zweiten aufgezeichneten Verwaltungscode kompatibel ist.
  2. Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass der erste und zweite Verwaltungscode Geheimcodes sind.
  3. Verfahren nach einem der Ansprüche 1 oder 2, dadurch gekennzeichnet, dass der zweite Algorithmus im Chip der Karte umgesetzt wird.
  4. Verfahren nach einem der Ansprüche 1 bis 3, dadurch gekennzeichnet, dass sich der erste Verschlüsselungs-algorithmus vom zweiten Verschlüsselungsalgorithmus unterscheidet, und dass der zweite Verschlüsselungsalgorithmus symmetrisch (31) ist.
  5. Verfahren nach einem der Ansprüche 1 bis 3, dadurch gekennzeichnet, dass der erste Verschlüsselungsalgorithmus gleichzeitig der zweite Verschlüsselungsalgorithmus ist.
  6. Verfahren nach einem der Ansprüche 1 bis 5, dadurch gekennzeichnet, dass die Information bezüglich der ersten Karte die erste Identifizierungsinformation der ersten Karte oder des ersten Chips ist.
  7. Verfahren nach einem der Ansprüche 1 bis 6, dadurch gekennzeichnet, dass die Information bezüglich der ersten Karte der erste Verwaltungscode der ersten Karte oder des ersten Chips ist.
  8. Verfahren nach einem der Ansprüche 1 bis 7, dadurch gekennzeichnet, dass man beispielsweise im Lesegerät (1) ein Verwaltungscodewort auf der Basis der Information bezüglich der ersten Karte erzeugt, und dass man prüft, ob die Karte authentisch ist, wenn dieses zweite Verwaltungscodewort mit einem Geheimwort kompatibel ist.
  9. Verfahren nach einem der Ansprüche 1 bis 8, dadurch gekennzeichnet, dass man den im ersten Speicher gespeicherten Daten ein Übertragungsattribut zuordnet, dass man die Edition dieser Daten genehmigt, um entsprechend dem Wert dieses Attributs in den zweiten Speicher kopiert zu werden, dass man diese Daten und dieses Attribut in den zweiten Speicher kopiert, wobei dieses Attribut über eine Notwendigkeit Auskunft gibt, zum Zeitpunkt des Kopieren einen zweiten Geheimcode zu erzeugen.
  10. Verfahren nach Anspruch 9, dadurch gekennzeichnet, dass man, um die Edition der im zweiten Speicher enthaltenen Daten nur unter der Kontrolle eines Master-Systems zu genehmigen, ein Übertragungsattribut zuordnet, das über eine Notwendigkeit dieser Kontrolle durch ein Master-System Auskunft gibt, dass man dieses Attribut vor der Edition liest, und dass man ein Editionsprogramm startet, wenn das gelesene Attribut dies gestattet.
  11. Verfahren nach einem der Ansprüche 9 bis 10, dadurch gekennzeichnet, dass das Übertragungsattribut die Edition zum Kopieren der betroffenen Daten untersagt.
  12. Verfahren nach einem der Ansprüche 9 bis 11, dadurch gekennzeichnet, dass man die Informationen verzögert in den zweiten Speicher kopiert.
  13. Verfahren nach einem der Ansprüche 1 bis 12, dadurch gekennzeichnet, dass die Karte eine Multiapplikationskarte (27-29) ist, wobei die Daten jeweiligen Verwaltungscodes zugeordnet sind.
EP98958278A 1997-11-25 1998-11-24 Datenverwaltungsverfahren in einer chipkarte Expired - Lifetime EP1034517B1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR9714802 1997-11-25
FR9714802A FR2771528B1 (fr) 1997-11-25 1997-11-25 Procede de gestion des donnees dans une carte a puce
PCT/FR1998/002510 WO1999027504A1 (fr) 1997-11-25 1998-11-24 Procede de gestion des donnees dans une carte a puce

Publications (2)

Publication Number Publication Date
EP1034517A1 EP1034517A1 (de) 2000-09-13
EP1034517B1 true EP1034517B1 (de) 2001-09-19

Family

ID=9513772

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98958278A Expired - Lifetime EP1034517B1 (de) 1997-11-25 1998-11-24 Datenverwaltungsverfahren in einer chipkarte

Country Status (10)

Country Link
EP (1) EP1034517B1 (de)
JP (1) JP2001524724A (de)
CN (1) CN1280695A (de)
AT (1) ATE205954T1 (de)
AU (1) AU740143B2 (de)
CA (1) CA2310122A1 (de)
DE (1) DE69801770T2 (de)
ES (1) ES2164463T3 (de)
FR (1) FR2771528B1 (de)
WO (1) WO1999027504A1 (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6769608B2 (en) * 2001-05-14 2004-08-03 Kabushiki Kaisha Toshiba IC card issuance system

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2809555B1 (fr) * 2000-05-26 2002-07-12 Gemplus Card Int Securisation d'echanges de donnees entre des controleurs
AU2001284314A1 (en) 2000-08-17 2002-02-25 Dexrad (Proprietary) Limited The transfer of verification data
FI114362B (fi) * 2001-12-12 2004-09-30 Setec Oy Menetelmä laitteen salaisen avaimen ottamiseksi käyttöön toisessa laitteessa
WO2003085612A1 (en) * 2002-04-10 2003-10-16 Axalto Sa Method and devices for replacing an old identification device by a new identification device
EP1353303A1 (de) * 2002-04-10 2003-10-15 SCHLUMBERGER Systèmes Konto-Zuweisungsverfahren für neues Identifizierungsgerät
JP4250629B2 (ja) * 2003-08-22 2009-04-08 富士通株式会社 Icカード運用管理システム

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0224147A3 (en) * 1985-11-19 1988-09-21 Siemens Aktiengesellschaft Berlin Und Munchen Method for transferring identification codes to credit cards
FR2654236B1 (fr) * 1989-11-03 1992-01-17 Europ Rech Electr Lab Procede de protection contre l'utilisation frauduleuse de cartes a microprocesseur, et dispositif de mise en óoeuvre.
DE69312743T2 (de) * 1992-12-31 1998-01-22 Dieter G. Carleton Place Ontario Seiler Fälschungssicheres kreditkarten absendsystem
FR2717286B1 (fr) * 1994-03-09 1996-04-05 Bull Cp8 Procédé et dispositif pour authentifier un support de données destiné à permettre une transaction ou l'accès à un service ou à un lieu, et support correspondant.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6769608B2 (en) * 2001-05-14 2004-08-03 Kabushiki Kaisha Toshiba IC card issuance system

Also Published As

Publication number Publication date
FR2771528B1 (fr) 2000-01-14
JP2001524724A (ja) 2001-12-04
EP1034517A1 (de) 2000-09-13
AU740143B2 (en) 2001-11-01
CA2310122A1 (fr) 1999-06-03
WO1999027504A1 (fr) 1999-06-03
AU1437999A (en) 1999-06-15
DE69801770T2 (de) 2002-07-04
ES2164463T3 (es) 2002-02-16
FR2771528A1 (fr) 1999-05-28
ATE205954T1 (de) 2001-10-15
CN1280695A (zh) 2001-01-17
DE69801770D1 (de) 2001-10-25

Similar Documents

Publication Publication Date Title
US6817521B1 (en) Credit card application automation system
EP0409701B1 (de) Karte mit festverdrahteter Mikroschaltung und Verfahren zur Durchführung einer Transaktion zwischen einer solchen Karte und einem Endgerät
EP0423035B1 (de) System zum Bezahlen oder Transferieren von Informationen mit einer als Geldbörse dienenden elektronischen Speicherkarte
US6023508A (en) Polymorphic data structures for secure operation of a virtual cash system
FR2666671A1 (fr) Procede de gestion d'un programme d'application charge dans un support a microcircuit.
EP0414314A1 (de) Verfahren zur Erzeugung einer einmaligen Zahl für eine Mikroschaltungskarte und Verwendung derselben zur Zusammenarbeit der Karte mit einem Wirtssystem
FR2716021A1 (fr) Procédé et système de transaction par carte à puce.
EP0277440B1 (de) Aufwertbares Leistungssystem
EP1034517B1 (de) Datenverwaltungsverfahren in einer chipkarte
FR3080934A1 (fr) Procede et systeme pour effectuer un echange de donnees securise
EP0829831B1 (de) Verfahren zum Authentifizieren von Karten
CA2249461A1 (fr) Dispositif portatif destine a effectuer des transactions securisees en interne et par carte a micro-circuits, et procede de mise en oeuvre correspondant
US7043642B1 (en) Process to manage data in a chip card
EP1299837A1 (de) Verfahren für den online-verkauf von digitalen gütern über ein kommunikationsnetwerk und elektronisches gerät zum kauf von digitalen gütern mit dem verfahren
FR2927454A1 (fr) Procede de detection de cartes a microprocesseur non authentiques, carte a microprocesseur, terminal lecteur de carte et programmes correspondants
EP0595720B1 (de) Verfahren und Vorrichtung zum Schreiben von einer Information auf einen Datenträger, mit Möglichkeit zur Bestätigung der Originalität dieser Information
WO2005079079A2 (fr) Procedes de securisation d’appareils tels que des terminaux mobiles, et ensembles securises comprenant de tels appareils
FR2780797A1 (fr) Dispositif et procede d'authentification
EP1502234B1 (de) Datenübertragungsverfahren zwischen einer chipkarte und einem benutzer, kartenlesegerät und karte zur durchführung des verfahrens
FR2788620A1 (fr) Supports et systemes d'echange de donnees securises notamment pour paiements et telepaiements
FR2796742A1 (fr) Supports et systemes d'echange de donnees securises notamment pour paiements et telepaiements
FR2790854A1 (fr) Supports et systemes d'echange de donnees securises notamment pour paiement et telepaiements
FR2749413A1 (fr) Procede de stockage des unites de valeur dans une carte a puce de facon securisee et systeme de transaction monetaire avec de telles cartes
FR2834842A1 (fr) Procede d'authentification d'un objet portable informatise par un terminal, systeme mettant en oeuvre le procede, terminal utilise dans le procede et objet portable utilise dans le procede
FR2770071A1 (fr) Systeme d'identification de personnes

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20000626

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU NL PT SE

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

17Q First examination report despatched

Effective date: 20001123

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU NL PT SE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20010919

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20010919

Ref country code: IE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20010919

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20010919

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20010919

REF Corresponds to:

Ref document number: 205954

Country of ref document: AT

Date of ref document: 20011015

Kind code of ref document: T

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: FRENCH

REF Corresponds to:

Ref document number: 69801770

Country of ref document: DE

Date of ref document: 20011025

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20011124

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20011130

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20011219

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20011219

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20011221

REG Reference to a national code

Ref country code: GB

Ref legal event code: IF02

GBT Gb: translation of ep patent filed (gb section 77(6)(a)/1977)

Effective date: 20011219

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2164463

Country of ref document: ES

Kind code of ref document: T3

NLV1 Nl: lapsed or annulled due to failure to fulfill the requirements of art. 29p and 29m of the patents act
REG Reference to a national code

Ref country code: IE

Ref legal event code: FD4D

BERE Be: lapsed

Owner name: GEMPLUS

Effective date: 20011130

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed
PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021130

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021130

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20081126

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: ES

Payment date: 20081107

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: IT

Payment date: 20081117

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20081126

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20081029

Year of fee payment: 11

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20091124

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20100730

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091130

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20100601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091124

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091124

REG Reference to a national code

Ref country code: ES

Ref legal event code: FD2A

Effective date: 20110411

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20110329

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091125